Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-8203

Passwords printed in log messages

XMLWordPrintable

    • Low
    • No
    • Agent Sprint 232
    • 1
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Hide
      Using an IPI `install-config` with the Agent-based Installer results in warning log messages showing the contents of any unused fields. Previously, these warnings printed sensitive information such as passwords. With this update, the warning messages for the credentials fields in the `vsphere` and `baremetal` platform sections have been changed to avoid logging any sensitive information. (link:https://issues.redhat.com/browse/OCPBUGS-8203[*OCPBUGS-8203*])
      Show
      Using an IPI `install-config` with the Agent-based Installer results in warning log messages showing the contents of any unused fields. Previously, these warnings printed sensitive information such as passwords. With this update, the warning messages for the credentials fields in the `vsphere` and `baremetal` platform sections have been changed to avoid logging any sensitive information. (link: https://issues.redhat.com/browse/OCPBUGS-8203 [* OCPBUGS-8203 *])
    • Bug Fix
    • Done

      When processing an install-config containing either BMC passwords in the baremetal platform config, or a vSphere password in the vsphere platform config, we log a warning message to say that the value is ignored.

      This warning currently includes the value in the password field, which may be inconvenient for users reusing IPI configs who don't want their password values to appear in logs.

            zabitter Zane Bitter
            zabitter Zane Bitter
            Manoj Hans Manoj Hans
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: